Advertisement

Enterprise Cybersecurity Study Guide

How to Build a Successful Cyberdefense Program Against Advanced Threats

  • Scott E. Donaldson
  • Stanley G. Siegel
  • Chris K. Williams
  • Abdul Aslam

Table of contents

  1. Front Matter
    Pages i-xlvi
  2. Part I: The Cybersecurity Challenge

    1. Front Matter
      Pages 1-1
    2. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 3-51
    3. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 53-92
  3. Part II: A New Enterprise Cybersecurity Architecture

    1. Front Matter
      Pages 93-93
    2. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 95-133
    3. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 135-171
    4. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 173-217
    5. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 219-247
    6. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 249-274
  4. Part III: The Art of Cyberdefense

    1. Front Matter
      Pages 275-275
    2. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 277-312
    3. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 313-332
    4. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 333-375
  5. Part IV: Enterprise Cyberdefense Assessment

    1. Front Matter
      Pages 377-377
    2. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 379-405
    3. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 407-428
    4. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 429-447
  6. Part V: Enterprise Cybersecurity Program

    1. Front Matter
      Pages 449-449
    2. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 451-486
    3. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 487-511
  7. Part VI: Appendices

    1. Front Matter
      Pages 513-513
    2. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 515-544
    3. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 545-564
    4. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 565-602
    5. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 603-661
    6. Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
      Pages 663-700
  8. Back Matter
    Pages 701-709

About this book

Introduction

Use the methodology in this study guide to design, manage, and operate a balanced enterprise cybersecurity program that is pragmatic and realistic in the face of resource constraints and other real-world limitations. This guide is an instructional companion to the book Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats. The study guide will help you understand the book’s ideas and put them to work. The guide can be used for self-study or in the classroom.

Enterprise cybersecurity is about implementing a cyberdefense program that will succeed in defending against real-world attacks. While we often know what should be done, the resources to do it often are not sufficient. The reality is that the Cybersecurity Conundrum—what the defenders request, what the frameworks specify, and what the budget allows versus what the attackers exploit—gets in the way of what needs to be done. Cyberattacks in the headlines affecting millions of people show that this conundrum fails more often than we would prefer.

Cybersecurity professionals want to implement more than what control frameworks specify, and more than what the budget allows. Ironically, another challenge is that even when defenders get everything that they want, clever attackers are extremely effective at finding and exploiting the gaps in those defenses, regardless of their comprehensiveness. Therefore, the cybersecurity challenge is to spend the available budget on the right protections, so that real-world attacks can be thwarted without breaking the bank.

People involved in or interested in successful enterprise cybersecurity can use this study guide to gain insight into a comprehensive framework for coordinating an entire enterprise cyberdefense program.

What You’ll Learn:
  • Know the methodology of targeted attacks and why they succeed
  • Master the cybersecurity risk management process
  • Understand why cybersecurity capabilities are the foundation of effective cyberdefenses
  • Organize a cybersecurity program's policy, people, budget, technology, and assessment
  • Assess and score a cybersecurity program
  • Report cybersecurity program status against compliance and regulatory frameworks
  • Use the operational processes and supporting information systems of a successful cybersecurity program
  • Create a data-driven and objectively managed cybersecurity program
  • Discover how cybersecurity is evolving and will continue to evolve over the next decade


Keywords

Cybersecurity Cyberdefense Cybersecurity framework Cybersecurity architecture Cybersecurity functional areas Cybersecurity capabilities Cybersecurity operations Cybersecurity controls Enterprise security posture Cybersecurity program Cybersecurity program audits Cybersecurity program assessments Cybersecurity measurement Cybersecurity responsibilities Cybersecurity policy Security Infosec

Authors and affiliations

  • Scott E. Donaldson
    • 1
  • Stanley G. Siegel
    • 2
  • Chris K. Williams
    • 3
  • Abdul Aslam
    • 4
  1. 1.Falls ChurchUSA
  2. 2.PotomacUSA
  3. 3.San DiegoUSA
  4. 4.San DiegoUSA

Bibliographic information